Ok well I am still new to back|track and getting used to all the tools. I just watched someones tutorial on just basic hacking. He use some tools that I was wondering about. I never really used metasploit before because I though it was mainly for destruction and thats not what I do. I think my idea's of what metasploit was are a little off, so could someone help me out. Basically what metaploit is is a big list of exploits that are regularly updated with exploits of gaining control of the target machine am I right? When you see Microsoft constaintly putting out new updates its because this program is exploited loop holes in common programs. Is metasploit used for other things that privilage escalation? How do you know what exploits to use on what machine? Thanks for the help.

11-29-2007, 02:50 PM

purehate

The answers to all those questions would fill up a book. Oh wait someone already did right here.

11-29-2007, 07:20 PM

Mortifix

Well I was just looking for some quick answers without having to pay $60. I found the answers to a few of my questions, but it was late last night and I was trying to get some sleep so thats why I posted here instead of looking in the first place. So at anytime please correct my thinking.

The way you find what exploit to attacking with all determines on what ports are open on the machine? I.e if there is a VNC port open then it would make sense to attack the VNC port.

I am not too sure on the payload methods, but I believe is personal preference or a kind of hit and miss thing, like if this doesn't work try this.

11-29-2007, 07:28 PM

purehate

I'm not trying to be a jerk but there is no quick answers to your questions. If you have a specific question I would be happy to answer it.

11-29-2007, 07:48 PM

imported_spankdidly

Quote:

Originally Posted by Mortifix

Well I was just looking for some quick answers without having to pay $60. I found the answers to a few of my questions, but it was late last night and I was trying to get some sleep so thats why I posted here instead of looking in the first place. So at anytime please correct my thinking.

The way you find what exploit to attacking with all determines on what ports are open on the machine? I.e if there is a VNC port open then it would make sense to attack the VNC port.

I am not too sure on the payload methods, but I believe is personal preference or a kind of hit and miss thing, like if this doesn't work try this.

It takes research, testing, and some luck. For me, my very limited experience with metasploit and autpwn, I was only able to exploit my test machines with some form of interaction AKA I sent the test machine a link of some sort (through email/IM/On a webpage) and if the link was clicked, then it would exploit the box. I've never been able to just run metasploit and get into anything. Including some OEM Xp sp1 boxes or older MS ME boxes either. But, then again, I'm no expert nor am I a programmer or any sort.

11-29-2007, 08:15 PM

thorin

You're soo far ahead of yourself it isn't even funny. It's like you're trying to figure out how to do division without understanding addition, subtraction, and multiplication first.

There is a regular workflow (WF) for vulnerability assessments or penetration tests. First you need to learn about that. Then you need to realize that use of Metasploit comes in at step 3 of a 4 step process. (Yes the WF contains different #'s of phases/steps depending on the methodology. But 3 of 4 is sufficient for illustrating the point).

11-29-2007, 08:49 PM

Mortifix

I am just trying to get started and honestly I don't know were to being. I wasn't trying to make you out to be a jerk purehate...sorry if it came out that way. :D

Let me give you basic rundown of what im doing. I work for a company that has a nice sized network (about 150) computers/internet devices. I work right next to the guy who maintains the servers so I don't do anything with the network, but honestly he doesn't know what he is doing either. I am not trying destroy the network of the company I work for, but I though it would be a good place to start learning things. So let me break down the layout of the network. There are about 150 computers with switchs on a lot of them. I just started reading on ARP and packet capturing. I know all of the passwords for all the computers, but I am trying to get them other ways :)

So this is what I did, I hooked up my laptop to the network and fired up autoscan. I let autoscan run its course and it gave me all the open ports for all the computers. This is what the scan looks like.

Firewall - 11 IP's

Server - There is 2 workgroups: MSHOME, and WORK
Under WORK is Server1 and under MSHOME is 2 IP's

So basically how we access certain server programs is by web address i.e. 192.168.1.1 and there is certain ones that say we can edit employees under one and we can change the channels of the TV's at our work on another.

So what is the next step I should take.

I am trying to learn this as a basic guide of what to do when I hook up to a new network. Thanks for the help!! :D

11-29-2007, 09:01 PM

purehate

Here is the problem- It may shock you to know that people often misrepresent themselves on the internet. I for one am wary of someone who says they have access to a network of 100 computers but has no idea how to do simple scanning and OS discovery so at this point you should be reading up on the following topics
1. arp protocol
2. switched/hub networks
3. shares
4. ports and what services use them
5. nmap

Please understand out position. I cant help it if you are trying to access a unauthorized network but I will feel better knowing I did not help.

11-29-2007, 09:10 PM

Mortifix

4 Attachment(s)

Well I knew that would be an issue so I took steps in advance. Here is a picture of the room with the server, and me holding the access card to enter the room with the server.

11-29-2007, 09:16 PM

purehate

I didn't even see a server but anyway it is next to impossible to tell you how to infiltrate a network with no info. Try a nmap scan